
While this provides unprecedented value for network security visibility and management, these teams often lack the business context; the ability to assess the impact of network and firewall rule changes on the company’s business applications, application availability and business processes.

Business-driven management of connectivity change requests while avoiding misconfigurations and miscommunications
Pro-active visibility of the security impact of application changes before applying them
How visibility into the applications associated with every firewall rule enhances auditing, compliance and policy cleanup
Clear visibility into the impact of new vulnerabilities and maintenance tasks on business processes
Different ways to discover network connectivity for existing applications

5.
5| Confidential
THE BALANCING ACT - REALITY
Trying to find the perfect balance:
• Both agility and security are affected
• Constant tension between Security and Apps teams
[Figure labels: Security, Business Agility]
And if it fails … Shadow IT starts

10.
HOW DIFFICULT IS IT FOR YOUR NETWORK TEAMS TO UNDERSTAND THE BUSINESS CONTEXT OF FIREWALL RULES?
• Very
• Slightly
• This is not a challenge
Please vote using the “votes from audience” tab in your BrightTALK panel
POLL

46.
Please vote using the “votes from audience” tab in your BrightTALK panel
HOW MANY TIMES A YEAR DO YOU RE-CERTIFY YOUR FIREWALL RULES?
• On a project basis
• Once a year
• Twice a year
• Once every 2 years
POLL

47.
WHY FIREWALL RULES BECOME REDUNDANT
• An application is decommissioned
• An application is upgraded and uses different services/ports
• An endpoint is moved to a different datacenter
Decommissioning of outdated rules is best practice:
• Security: reduce attack surface and risk
• Compliance: periodic reviews are mandated

48.
TRADITIONAL METHODOLOGY
• REVIEW the firewall logs and determine when the rule was last used
• READ the comments to see who requested the rule and which application it serves
• VALIDATE that the application is not in use with the relevant contact
• REMOVE the rule or extend the expiration date
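
The REVIEW and READ steps above can be scripted to produce the queue for the VALIDATE step. The following is an added example, not part of the original slides. The log line format, the `req=`/`app=` comment convention, the 90-day idle threshold and all rule ids are assumptions constructed for illustration.

```python
from datetime import date

# Constructed sample data; rule ids, comment convention and log format are assumptions.
RULES = [
    {"id": "r10", "comment": "req=j.doe app=Payroll"},
    {"id": "r11", "comment": "req=a.lee app=CRM"},
    {"id": "r12", "comment": "temp rule"},  # comment names no requester or application
]
LOGS = """\
2024-06-01 rule=r10 action=accept
2024-01-15 rule=r11 action=accept
2024-05-30 rule=r10 action=accept
bad-date rule=r11 action=accept
2023-11-02 rule=r12 action=accept
"""

def last_used(log_text):
    """REVIEW: newest log date per rule id; malformed lines are skipped."""
    newest = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) < 2 or not parts[1].startswith("rule="):
            continue
        try:
            day = date.fromisoformat(parts[0])
        except ValueError:
            continue
        rule_id = parts[1][len("rule="):]
        if rule_id not in newest or day > newest[rule_id]:
            newest[rule_id] = day
    return newest

def read_comment(comment):
    """READ: extract requester and application; either may be missing."""
    fields = dict(tok.split("=", 1) for tok in comment.split() if "=" in tok)
    return fields.get("req"), fields.get("app")

def worklist(rules, log_text, today, idle_days=90):
    """Build the VALIDATE queue; REMOVE or extend stays a human decision."""
    used = last_used(log_text)
    rows = []
    for rule in rules:
        seen = used.get(rule["id"])
        requester, app = read_comment(rule["comment"])
        if seen is not None and (today - seen).days <= idle_days:
            status = "in use"
        elif requester and app:
            status = "validate with requester"
        else:
            status = "no owner on record"
        rows.append((rule["id"], seen, requester, app, status))
    return rows
```

Rules that come back as "no owner on record" are the ones where the comment-based step cannot identify a contact, so validation has to start from other evidence.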